Enterprise SOA and the Mainframe Solutions
The terms Web Services and SOA are often used interchangeably, but the reality is that they’re quite different. Let’s begin by describing what SOA isn’t, and we’ll leave that to Joe McKendrick and Dave Linthicum:
- An effective, functioning service-oriented architecture requires governance, and the ability to share services across multiple business units and enterprises. It’s easy to build Web services. You could build 10 of them in an afternoon. But, then you end up with a JBOWS architecture (Just a Bunch of Web Services), which will grow into a different sort of SOA; a Spaghetti-Oriented Architecture. Joe McKendrick, analyst and editor with Webservices.org
- SOA is a true systemic change in the way you approach enterprise architecture. That's where the value is, and not just Web service-enabling your systems, or purchasing and implementing products with the "SOA hype label" bound to them. Dave Linthicum, well known author, professor and writer
So what is Mainframe SOA, and how can you achieve it? The answer is surprisingly simple; Service Oriented Architecture is an architectural methodology for the loose coupling and management of services. The emphasis in SOA is on the "A". SOA uses loosely coupled, interoperable and composeable services. These services have well-defined interfaces as well as QoS attributes (or policies) on how these interfaces can be used by Service Consumers.
SOA is concerned with manageability, reliability, security and change management. Collectively these terms are known as "Governance". In order to bring SOA to a mainframe environment, companies must apply Governance to any implementation of Web Services.
back to top
It’s essential that your SOA solution considers the following categories. Failure to do so can lead to an ungoverned mess, or "Just a Bunch Of Web Services"
SOAP & XML Capability: SOAP and XML capability (commonly called "web services") is the foundation of SOA. Many vendors only offer mainframe web services, ignoring the other components of SOA.
Security: security is essential when integrating mainframe applications, especially those dealing with sensitive data. The only viable solution to Web Services security is to use WS-Security, which is the widely accepted standard for securing services.
Policy Management: policy management is the heart of SOA governance. A policy can define how a service can be used, who can use it, what security is required and much, much more. Policy management based on WS-Policy standards is essential.
Registry: the Holy Grail of SOA is reuse. The key to reuse is discovery of services. This is accomplished by publishing services in a Registry. A registry provides for reuse and discovery and is an essential ingredient in SOA governance.
Monitoring, Logging & Audit Controls: effective Governance requires measurement, for without measurement you will be unable to judge whether your services are meeting service level agreements. Monitoring, logging and audit capability are essential building blocks of Governance.
Development Tools: it is impossible to develop services without the use of a comprehensive development tool. The tool needs to be powerful and it must allow management of your SOA. It must be easy to use; there shouldn’t be a steep learning curve requiring extensive training. Finally, it should not consume enormous resources on a developer’s work station (ideally it should be "thin client").
Support for Architectural Standards: a viable SOA must be adaptable to a wide range of architectural standards, particularly yours. Features such as flexible web service development (bottom-up, top-down or meet-in-the middle), configurable dictionary, customizable access and environments, etc. are all hallmarks of an adaptable SOA. The bottom line is that your solution should fit the way you do things, not the other way around.
Change and Release Management: an often overlooked aspect of service development is the "service lifecycle". Integrated change and release management is essential to allow you to effectively manage change in your environment. Ideally your SOA solution should integrate into your existing change management procedures, and should provide you with impact analysis when a service is changed.
Workflow Management: orchestration is perhaps the most misunderstood aspect of service development. Some people consider that a 3270 business transaction, because it involves a conversation, requires a proprietary orchestration tool to make it work. In fact, a better approach is to use a tool that is smart enough to understand a "business use case", and to publish that as an atomic service, without the need for proprietary orchestration to "glue together" the screen transitions. It is services themselves that need to be orchestrated, and that orchestration should be performed using industry standard techniques. The only acceptable technique for orchestration is to compose services using "Business Process Execution Language (BPEL).
back to top
More than ten years after the predicted demise of the mainframe, the platform is anything but dead. The bulk of the Fortune 1000 still run the majority of their critical systems on the mainframe, and these companies do so because the mainframe is reliable, scalable and efficient – the average mainframe application offers considerably lower TCO than an equivalent distributed application, and does so at lower risk.
The challenge facing corporate IT departments today is how to leverage exiting investments in mainframe systems and applications by allowing them to be active participants in enterprise wide SOA. Most importantly, the mainframe must participate in SOA without compromising its advantages in performance, reliability or cost effectiveness. To truly leverage the mainframe, it must become a first class participant in an enterprise SOA.
SOLA is the market’s most complete mainframe SOA solution. SOLA is the fastest, most reliable, most efficient and most economical mainframe SOA enablement platform. It is the only mainframe SOA product that’s used in high volume (10,000,000+ transactions per day) mission critical applications by some of the best known firms on the Fortune 500.
back to top
There are several vendors in the space that offer mainframe web services coupled with one or more components of mainframe SOA. IBM’s CICS TS v3.x also provides SOAP and XML capability upon which a solution can be built.
Regardless of which option you chose, if you do not buy a complete SOA solution, you will be faced with the daunting task of integrating several components to create a viable mainframe SOA. As mainframe SOA is relatively new, not every category has a matching product.
back to top
SOLA is the only product in the space that offers a complete mainframe SOA solution out of the box. SOLA provides proven, quick, efficient and cost effective application integration by publishing legacy applications as Web Services and providing every single component of a viable mainframe SOA.
back to top
- SOLA is the only enterprise class mainframe SOA solution.
- SOLA offers end-to-end governance and unlimited scalability.
- SOLA runs the world’s largest mainframe SOA implementations.
- SOLA offers integrated monitoring, logging, auditing, WS-Security and WS-Policy on the mainframe
- SOLA implements the entire SOAP stack on the mainframe, inheriting the mainframe platform’s legendary speed, reliability, scalability and manageability.
- SOLA offers a complete SOA solution; there is no need to integrate multiple products when building an enterprise-class SOA .
- SOLA is the only mainframe SOA product to offer closed-loop Governance automation.
- SOLA is the only secure, standards-based, and governable product in the space.
As important as the essential components of enterprise SOA are, they are a single dimension of a more complex issue. SOLA was designed from the ground up to address the entire spectrum of mainframe SOA issues.
Solid Foundation: building a successful mainframe SOA must start with a solid foundation. The 9 essential components of enterprise SOA make for a good beginning, but SOLA goes far beyond.
what good is leveraging technology assets if you ignore human assets? SOLA tasks the right people with the right jobs.
- Mainframe developers expose mainframe applications as services
- Distributed developers incorporate services into composite applications
- Training, development and support costs can far exceed the cost of the solution itself
Scalability and Adaptability: a good solution should be flexible; it should be able to adapt to just about anyone’s enterprise standards, no matter how strict, and allow for unhindered growth. SOLA is standards-based and built for the enterprise. As its run time is entirely mainframe based, it inherits the mainframe’s legendary scalability and fault tolerance.
Streamlined Infrastructure: you shouldn’t have to integrate your integration. A streamlined and efficient infrastructure reduces complexity and increases reliability. It can also help lower costs due to standardization and simplified support. SOLA was designed for optimum efficiency, from its mainframe run time to its batch support and ultra efficient parser, SOLA eliminates the "plumbing" that can handicap other solutions. It is also this efficiency that helps make SOLA the fastest and most cost effective product in the space.
Development: the development tool is the interface between the tool and the people that get the job done. SOLA’s development environment is as easy to use as it is powerful. Web services can be created in minutes with no programming or training required. The development environment runs in a browser and features powerful web 2.0 capabilities such as drag and drop, tab based workspaces and dynamic indexed searches. Because it is browser based, there is no workstation software to install and older workstations can be leveraged (attention to human assets and cost effectiveness at work).
Governance: industry experts believe that governance is the single most important issue facing the fledgling SOA community. From diagnosing production outages to managing changes and meeting SLAs, governance is a non negotiable requirement in a viable SOA. A solution has to either be governable by a third party tool or incorporate strong governance capabilities. SOLA does both. With WS-Security, WS-Policy, integrated monitoring, logging and auditing, and many more built in governance features, SOLA provides a comprehensive collection of governance and lifecycle management capabilities. SOLA is also fully governable; its standards based design lends itself to simple and cost effective integration with third party governance solutions. SOLA can function as a stand-alone solution for mainframe SOA and can be governed by Akana's Integrated SOA Governance Automation Solutions, Workbench and Service Manager, acting as a Certified Governed Service Platform. Certified Governed Service Platform status means that customers can be confident that their platforms won't compromise the fidelity of the governance systems and structures defined in an enterprise SOA program. The certification process ensures that Governed Service Platforms can implement and enforce governance policies providing reporting data to enable a closed-loop audit process. The Governed Service Platform status ensures that SOLA can be consistently governed along with other enterprise service platforms.
back to top
There are other tools available to help you develop your own Mainframe SOA solution. IBM’s CICS TS v3.x provides the foundation (SOAP and XML capability) for mainframe SOA built into CICS. It is very tempting to believe that you can avoid purchasing a product and work with this "free" capability to create your own mainframe SOA.
Free can be the most expensive option:
back to top
- Extended development times
- Higher CPU costs
- Third party solutions for monitoring and metrics
- Security vulnerabilities due to complexity
- Production outages due to complexity
- Lower operational efficiency due to complexity
- Training costs from not leveraging human assets
- Hardware costs for middle-tier servers and upgrading workstations
SOLA is not only cost effective, it pays for itself in short order:
- Constant and ongoing savings due to low MIPS overhead
- Reliable – minimizes support costs
- No need to rewrite legacy apps or to write wrapper programs
- No need to upgrade developer workstations
- No need for cross platform skill training
- Fully scalabale – no need for major overhauls to increase capacity
SOLA is proving its worth in production every day in one of the most demanding industries in the world – the financial services industry. At one customer over 200 legacy applications expose hundreds of Web Services using SOLA. Clients estimate that SOLA saved each application $0.5 to $2 million through cost avoidance and direct savings.
back to top
- "We had estimated about $800K using traditional technology to build a system. But by embracing SOLA we did the project for $30K." John McKinley, former CTO, Merrill Lynch
- "SOLA gives us a competitive advantage by allowing us to bring products to market quicker than our competitors." Andy Brown, former Chief Technology Architect, Merrill Lynch
SOLA includes a compliant non-validating parser (the SOLA DOM parser). Extensive performance tests were conducted to estimate the impact of parsing XML on a mainframe. The results were as follows:
- The SOLA assembler parser takes around 0.0001 CPU seconds to parse 1,000 bytes.
- Parsing 1,000 bytes (a typical input XML message size) adds less than 1% to most transactions.
- At a typical chargeback rate of $0.20 per CPU second, parsing 1,000 bytes would cost $0.000020. That amounts to a minuscule $20 to parse 1 million transactions.
- SOLA is built for high performance and high transaction volume. Several customers report running up to 10 million transactions per day through SOLA.
To test the difference in performance between SOLA and CICS TS 3.2, we wrote a COBOL program containing various data types. The goal of the program was to generate a large XML response to put both products through their paces. When we attempted to import the program using CICS Web services assistant, the import failed because the program contained many unsupported data types. SOLA imported the same program without any issues.
To make the comparison fair, we altered the program to remove the data types that IBM couldn’t handle, then imported the modified program using both Web services assistant and SOLA. This program was similar to the original, but lacked some functionality because of IBM’s limitations.
We ran the program1000 times in both environments:
IBM: 46.1 seconds for 1000 web service invocations, or 0.046 CPU seconds per call.
SOLA: 7.5 seconds for 1000 web service invocations, or 0.007 CPU seconds per call.
RESULT: SOLA was approximately 615% faster than CICS TS v3.2.
back to top
Millions of transactions have been processed through SOLA during extensive stability tests. No failures were experienced. SOLA has been in production for five years – no production failures have been experienced. To date, billions of transactions have been processed by SOLA.
back to top
SOLA has several significant advantages over competitive products. Taken together these features provide lower cost and greater productivity.
- Leverage Human Assets All competitive products create services from existing mainframe programs, but only SOLA leverages human assets. With SOLA the mainframe programmer – the person who knows the program the best – creates the services. Competitive approaches expect the distributed programmer – the person who knows the program the least (if at all) to create services.
- Global Dictionary One of SOLA’s many features is an integrated global dictionary that allows for the automatic translation of COBOL field names without affecting the source program. The SOLA dictionary centralizes translation services, therefore minimizing duplication of effort for developers.
- Security based on WS-Security and WS-Policy SOLA security is based on WS-Security and WS-Policy standards and implemented on the mainframe. By implementing WS standards on the mainframe, SOLA provides efficient and flexible security, obviating the need for a middle tier security agent.
- Batch Capability SOLA provides a number of significant features that are available to the z/OS batch programmer. Firstly, the SOLA DOM parser and API provide the batch programmer with methods to easily and inexpensively consume and create XML documents. Secondly, the SOLA outbound support is also available to the batch programmer, making it simple for a batch program to consume an outbound web service.
- Browser based Web 2.0 development environment With SOLA there’s no workstation software to install – the entire SOLA development toolset runs in a browser. This is a huge advantage – in our experience the majority of developers don’t have workstations that are powerful enough to run the "previous generation" development toolsets provided by competitors.
- Support for Architectural Standards Using the combination of the SOLA dictionary, WSDL-first development and powerful WSDL customization features, SOLA can publish web services that comply with any and all possible architectural standards.
- WSDL-First Development A lot of mainframe shops that are adopting SOA develop WSDL that complies with their architecture standards before creating web services. SOLA allows developers to create services that comply with an existing WSDL as well as create services from scratch that generate their own definitions. The SOLA dictionary can be leveraged to make this process faster and easier.
- UDDI Directory All services created by SOLA are automatically published to an external UDDI 3.0 registry, which ensures that services exposed by SOLA are visible and useable within the enterprise.
- Standards Based SOLA is a standards based solution, allowing interoperability across platforms, operating systems and programming languages. Being standards based also allows SOLA to expand and evolve without cumbersome enterprise-wide revisions, giving it unparalleled reusability and growth potential.
- Customization APIs SOLA provides customization APIs that allow customers to add capabilities beyond the product’s existing feature set. These APIs allow the user access to SOLA processing at various points in the SOAP stack so that processing can be manipulated by user specific application code. These APIs also support custom security exits. Custom APIs can be defined at the installation level or at the individual method level.
- Orchestration SOLA provides orchestration using BPEL (Business Process Execution Language for Web Services). BPEL is an XML based standard for designing, defining, implementing, and deploying composite web services, including business logic, sequencing, exception handling and process decomposition. BPEL is supported by the SOLA run-time engine.
- Dashboard The SOLA dashboard allows you to keep an eye on your web services, regions and more with a graphic user interface that provides at-a-glance status information, as well as access to SOLA’s monitoring, audit and error logs.
- XACML Authorization SOLA allows you to create your own authorization protocols to suit the way your organization functions rather than forcing you to adapt to a rigidly defined authorization structure.
- Publishes legacy applications as Web Services, allowing them to easily integrate with .Net, J2EE or any other development environment.
- Can create web services from Commarea programs, 3270 transactions, stored procedures, Adhoc SQL and Callable APIs.
- Inbound and outbound web services support (the mainframe can act as a web services server or a web services client)
- Proven and Enterprise ready
- Requires no middle tier hardware or software, runtime runs entirely on the mainframe for improved performance and increased reliability.
- WC3-compliant Assembler XML parser for superior performance and low parsing costs.
- Easy to use and deploy – "one click" creation of web-services.
- Single sign-on using LDAP or SAML 2.0
- Outbound services support for SSL/TLS and proxy
- Supports both http and MQ transport layers
- Eliminates the need for cross platform skills training (no Java or Visual Basic skills are required to publish Web Services from legacy applications using SOLA)
- Includes comprehensive monitoring and error logging for easy problem diagnosis and resolution
- Integrated testing and debugging tools
- CICS 3.x Integration – If required, SOLA can be integrated directly into the CICS 3.x pipeline.
Furthermore, no coding is required to publish Web Services with SOLA. It is simple and easy to use with a minimal learning curve. An integrated test harness allows the developer to test and validate their Web Services with just a few mouse clicks. Finally, SOLA is proven in extensive mission critical production systems today.
SOLA is already helping to achieve the pinnacle of application integration - reuse. Business functions previously isolated in legacy applications are now open for reuse by other applications in new and innovative ways.
Other solutions require extensive middleware (hardware and software). Although the initial cost of these solutions appears economical the ongoing support and management is cost prohibitive.
back to top
The SOLA Development Environment uses a J2EE compliant server and requires no workstation software to be implemented. The full features of the development environment are accessible through a browser.
SOLA COMMAREA Analyzer The SOLA COMMAREA Analyzer is used to analyze programs that expose a communications area interface. The analyzer reads a program’s compile listing, parses the COMMAREA and determines how the fields within the COMMAREA are used. It then produces a WSDL file documenting the interface, a test harness and a run-time metadata template. The template can be moved to production using standard change management procedures. The program will be automatically documented in the SOLA directory.
SOLA 3270 Analyzer The SOLA 3270 Analyzer implements an interactive graphical interface. Using this tool, developers execute the application by going through the application’s screens/maps. SOLA automatically records the interactions and aggregates them into a single web service (e.g. a multi-screen update transaction will be published as a single web service). It then produces a WSDL file documenting the interface, a test harness and a run-time metadata template. The template can be moved to production using standard change management procedures. The aggregated transaction is automatically documented in the SOLA directory.
SOLA Outbound Analyzer The SOLA Outbound Analyzer allows developers to import the WSDL representing an external web service and then analyze the operations of that service to create callable methods. The analysis automatically creates COBOL or PL/I copybooks that represent the interface to the operations. This approach allows programmers to execute an external Web Service with a simple "CICS Link" command.
The SOLA UDDI Directory The SOLA UDDI Directory is maintained in DB2. All Web Services created by SOLA are fully documented in the SOLA Directory and are organized by project. Since it is a UDDI directory, it is searchable in a variety of ways.
The SOLA Testing Facilities SOLA automatically creates a test harness for every Web Service created. This is an extremely helpful tool for the Web Service creator (usually a COBOL programmer), as it allows for the testing of new Web Services before deployment.
back to top
MRO SOLA can run using standard CICS multiple region operation (MRO). The http/MQ listener runs in a listening region, dispatching the host application programs in application owning regions. SOLA handles the communication of data between the listening and application regions. Although CICS has a limit of 32K that can be passed between the listener and application regions, SOLA can accept requests and deliver responses that exceed this limit.
Error Logging SOLA provides full error logging. Error logging reports are available through a Web reporting tool and are also provided as a Web Service.
Monitoring SOLA monitors every transaction that it handles. Monitor reports are available through a Web reporting tool and are also provided as a Web Service.
Auditing SOLA provides an optional auditing facility, which records both input and output SOAP messages for audited transactions. The facility is extremely useful for problem diagnosis. Auditing is controlled using WS-Policy.
Security SOLA has the most powerful and most versatile security in the industry, using Symmetric and Asymmetric encryption (WS Security, & SAML 2.0 etc.) and by providing mapping between various identities to the mainframe security paradigm (for example, mapping from SAML 2.0, X509, AD/LDAP to mainframe RACF/ACF2/TOP-Secret). Furthermore, the user’s authorization choices range from most basic available on the mainframe such as RACF to XACML PDP residing on or off of the mainframe.
Transport Mechanism SOLA offers http/s and MQ as transports.
Outbound SOAP requests SOLA provides the ability for the programmer to issue an outbound SOAP request to an external system. That SOAP request is transported by http, https (SSL) or MQ to the external system. The requesting program can be running either in CICS or batch.
Configuration SOLA takes advantage of the full scalability and fail-over features of parallel sysplex. SOLA introduces no affinities, allowing the workload manager to run transactions on any system in the sysplex.
back to top
Additional standards, such as WSDM and WS-Addressing are planned for future releases.
back to top
SOLA is the only mainframe SOA product to offer closed-loop Governance automation. A service is automatically governed from the point of creation because it inherits a security policy. Policy, by means of WS-PolicyAttachment, is associated with the service though all phases of the Software Development Lifecycle. It is not possible to create or run an ungoverned service.
On top of this, SOLA’s built in monitoring, logging and auditing capabilities, as well as its standards based architecture combine to make SOLA fully governable by external governance products like Akana's Policy Manager.